Last updated: February 21, 2026
By accessing or using the VaultFill platform, you agree to be bound by these Terms. If you do not agree, do not use the Service.
These Terms of Service ("Terms") constitute a legally binding agreement made between you, whether personally or on behalf of an entity ("you," "your," or "Customer"), and VaultFill Inc., a Delaware corporation ("Company," "we," "us," or "our"), concerning your access to and use of the VaultFill compliance automation platform, websites, APIs, documentation, and any related services (collectively, the "Service").
By creating an account, clicking "I Accept," accessing or using any part of the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms and our Privacy Policy. If you are entering into these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to these Terms.
If you do not agree with all of these Terms, you are expressly prohibited from using the Service and must discontinue use immediately. We reserve the right to refuse service to anyone for any reason at any time.
VaultFill is an AI-powered compliance automation platform that provides automated infrastructure scanning, policy generation, evidence collection, security questionnaire automation, vendor risk assessment, vulnerability scanning, and compliance reporting against frameworks including but not limited to SOC 2 (Type I and Type II), ISO 27001:2022, HIPAA, GDPR, PCI-DSS, CMMC 2.0, and NIST AI RMF.
The Service includes, without limitation:
IMPORTANT: VaultFill provides software tools designed to assist with compliance readiness. We are NOT a certified public accounting firm, a law firm, an accredited auditing body, or a licensed professional services organization. The Service does not constitute legal, audit, tax, or professional advice.
The outputs generated by the Service — including but not limited to policy documents, remediation scripts, questionnaire answers, risk assessments, and compliance reports — are generated by artificial intelligence and do not constitute legal or professional audit advice. Outputs are provided as draft guidance and must be reviewed, validated, and approved by qualified professionals before any reliance or implementation.
Utilizing VaultFill does not guarantee certification, attestation, or compliance with any regulatory standard or framework. You retain sole responsibility for:
To access the Service, you must create an account and provide accurate, current, and complete information. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You agree to:
We reserve the right to suspend or terminate accounts that we reasonably believe are compromised, in violation of these Terms, or being used for unauthorized purposes.
Subject to your compliance with these Terms and payment of applicable fees, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable right to access and use the Service solely for your internal business operations during the subscription term.
You shall not:
"Customer Data" means all data, information, content, metadata, configurations, and materials submitted to or collected by the Service on your behalf, including infrastructure metadata, evidence artifacts, questionnaire responses, and policy documents.
You retain all ownership rights to your Customer Data. By using the Service, you grant us a limited license to access, process, store, and display your Customer Data solely as necessary to provide and improve the Service. We will not sell, rent, or share your Customer Data with third parties except as described in our Privacy Policy or as required by law.
We process Customer Data in accordance with our Data Processing Agreement (DPA), available upon request at legal@vaultfill.com. Our DPA addresses data processing roles, sub-processors, data transfers, breach notification, and data subject rights under GDPR, CCPA, and other applicable privacy regulations.
Upon termination of your subscription, you may request the export of your Customer Data within 30 days. After the 30-day period, we may permanently delete your Customer Data from our systems, except as required for legal, regulatory, or audit purposes.
The Service utilizes artificial intelligence and machine learning models (including third-party large language models) to generate compliance analyses, policy recommendations, remediation scripts, questionnaire responses, and risk assessments ("AI Outputs"). You acknowledge and agree that:
Subject to these Terms, you own any work product you create by modifying, reviewing, and incorporating AI Outputs into your business processes. We retain no ownership claim over your finalized compliance artifacts.
The Service is offered under subscription plans as published on our pricing page. Fees are based on the plan selected and billed monthly or annually in advance. All fees are quoted in U.S. dollars and are non-refundable except as expressly stated herein.
All rights, title, and interest in and to the Service — including but not limited to source code, algorithms, AI models, user interface designs, documentation, trademarks, trade dress, and the VaultFill brand identity — are and will remain the exclusive property of VaultFill Inc. and its licensors. The Service is protected by copyright, trademark, patent, trade secret, and other intellectual property laws.
Nothing in these Terms grants you any right to use VaultFill's trademarks, trade names, logos, or brand identifiers without our prior written consent. "VaultFill," "Pele AI," "Evidence Vault," "Trust Graph," and the VaultFill logo are trademarks of VaultFill Inc.
Each party agrees that all information disclosed by one party to the other in connection with the Service that is designated as confidential or that reasonably should be understood to be confidential ("Confidential Information") shall be kept confidential. The receiving party shall not disclose Confidential Information to third parties without the disclosing party's prior written consent, except to employees, contractors, or agents who need to know such information and are bound by confidentiality obligations at least as protective as those set forth herein.
Confidential Information does not include information that: (a) is or becomes publicly available without breach of these Terms; (b) was known to the receiving party before disclosure; (c) is independently developed without reference to Confidential Information; or (d) is required to be disclosed by law, regulation, or court order, provided that the receiving party gives reasonable advance notice to the disclosing party.
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, SECURE, OR THAT DEFECTS WILL BE CORRECTED.
Without limiting the foregoing, we specifically disclaim any warranty that: (a) AI-generated outputs will be accurate, complete, or suitable for any particular regulatory or legal purpose; (b) the Service will detect all compliance gaps, security vulnerabilities, or configuration risks; (c) use of the Service will result in certification under any regulatory framework; or (d) evidence collected through the Service will satisfy the requirements of any specific auditor or regulatory body.
TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL VAULTFILL INC., ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, DATA, COMPLIANCE CERTIFICATIONS, REGULATORY PENALTIES, AUDIT FAILURES, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE USE OR INABILITY TO USE THE SERVICE.
IN NO EVENT SHALL OUR AGGREGATE LIABILITY ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE SERVICE EXCEED THE GREATER OF: (A) THE TOTAL FEES PAID BY YOU TO VAULTFILL DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR (B) ONE THOUSAND U.S. DOLLARS ($1,000). THIS LIMITATION APPLIES REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
You agree to indemnify, defend, and hold harmless VaultFill Inc. and its affiliates, officers, directors, employees, agents, and licensors from and against any and all claims, demands, losses, liabilities, damages, costs, and expenses (including reasonable attorneys' fees) arising out of or related to: (a) your use of the Service; (b) your violation of these Terms; (c) your violation of any third-party rights, including intellectual property rights or privacy rights; (d) any Customer Data you submit to the Service; or (e) your reliance on AI-generated outputs without appropriate professional review and validation.
These Terms commence upon your acceptance and continue until terminated. Either party may terminate these Terms: (a) upon 30 days' written notice if the other party materially breaches these Terms and fails to cure such breach within the 30-day notice period; (b) immediately upon written notice if the other party becomes insolvent, files for bankruptcy, or ceases operations; or (c) at the end of any subscription term by providing notice at least 30 days before the renewal date.
Upon termination: (a) all license rights granted under these Terms immediately terminate; (b) you must cease all use of the Service; (c) you may request export of your Customer Data within 30 days of termination; (d) each party shall return or destroy the other party's Confidential Information; and (e) any accrued obligations, including payment obligations, survive termination.
Sections 3, 6, 7, 9, 10, 11, 12, 13, and 15 shall survive termination of these Terms.
These Terms are governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions. Any dispute arising out of or relating to these Terms or the Service shall be resolved as follows:
We reserve the right to modify these Terms at any time. If we make material changes, we will provide notice through the Service dashboard, by email to the address associated with your account, or by posting a prominent notice on our website at least 30 days before the changes take effect. Your continued use of the Service after the effective date of the revised Terms constitutes your acceptance of the changes. If you do not agree with the revised Terms, you must stop using the Service and may terminate your subscription in accordance with Section 14.
To ask questions about these Terms of Service or our legal practices, contact us: